Md Tauhidur Rahman

Md Sadik Awal, Md Tauhidur Rahman

Electromagnetic (EM) shielding is widely used to suppress radiated emissions and limit passive EM side-channel leakage. However, shielding does not address active probing, where an adversary injects external radio-frequency (RF) signals and observes the device's reflective response. This work studies whether such impedance-modulated backscattering persists when radiated emissions are suppressed by shielding. By injecting controlled RF signals and analyzing the reflections, we demonstrate that state-dependent impedance variations remain observable at frequencies outside the shields' primary attenuation band. Using processors implemented on FPGA and microcontroller prototypes, and evaluating workload profiles under three industry-standard shields, we find that passive EM measurements lose discriminative power under shielding, while backscattering responses remain separable. These results indicate that active RF probing can expose execution-dependent behavior even in shielded systems, motivating the need to consider active impedance-based probing within hardware security evaluation flows.

Mehdi Sadi, B. M. S. Bahar Talukder, Kaniz Mishty et al.

Universal Adversarial Perturbations are image-agnostic and model-independent noise that when added with any image can mislead the trained Deep Convolutional Neural Networks into the wrong prediction. Since these Universal Adversarial Perturbations can seriously jeopardize the security and integrity of practical Deep Learning applications, existing techniques use additional neural networks to detect the existence of these noises at the input image source. In this paper, we demonstrate an attack strategy that when activated by rogue means (e.g., malware, trojan) can bypass these existing countermeasures by augmenting the adversarial noise at the AI hardware accelerator stage. We demonstrate the accelerator-level universal adversarial noise attack on several deep Learning models using co-simulation of the software kernel of Conv2D function and the Verilog RTL model of the hardware under the FuseSoC environment.

B. M. S. Bahar Talukder, Farah Ferdaus, Md Tauhidur Rahman

Many commercially available memory chips are fabricated worldwide in untrusted facilities. Therefore, a counterfeit memory chip can easily enter into the supply chain in different formats. Deploying these counterfeit memory chips into an electronic system can severely affect security and reliability domains because of their sub-standard quality, poor performance, and shorter lifespan. Therefore, a proper solution is required to identify counterfeit memory chips before deploying them in mission-, safety-, and security-critical systems. However, a single solution to prevent counterfeiting is challenging due to the diversity of counterfeit types, sources, and refinement techniques. Besides, the chips can pass initial testing and still fail while being used in the system. Furthermore, existing solutions focus on detecting a single counterfeit type (e.g., detecting recycled memory chips). This work proposes a framework that detects major counterfeit static random-access memory (SRAM) types by attesting/identifying the origin of the manufacturer. The proposed technique generates a single signature for a manufacturer and does not require any exhaustive registration/authentication process. We validate our proposed technique using 345 SRAM chips produced by major manufacturers. The silicon results show that the test scores ($F_{1}$ score) of our proposed technique of identifying memory manufacturer and part-number are 93% and 71%, respectively.

B. M. S. Bahar Talukder, Vineetha Menon, Biswajit Ray et al.

Due to the globalization in the semiconductor supply chain, counterfeit dynamic random-access memory (DRAM) chips/modules have been spreading worldwide at an alarming rate. Deploying counterfeit DRAM modules into an electronic system can have severe consequences on security and reliability domains because of their sub-standard quality, poor performance, and shorter life span. Besides, studies suggest that a counterfeit DRAM can be more vulnerable to sophisticated attacks. However, detecting counterfeit DRAMs is very challenging because of their nature and ability to pass the initial testing. In this paper, we propose a technique to identify the DRAM origin (i.e., the origin of the manufacturer and the specification of individual DRAM) to detect and prevent counterfeit DRAM modules. A silicon evaluation shows that the proposed method reliably identifies off-the-shelf DRAM modules from three major manufacturers.

Kyle Worley, Md Tauhidur Rahman

With the globalization of the semiconductor manufacturing process, electronic devices are powerless against malicious modification of hardware in the supply chain. The ever-increasing threat of hardware Trojan attacks against integrated circuits has spurred a need for accurate and efficient detection methods. Ring oscillator network (RON) is used to detect the Trojan by capturing the difference in power consumption; the power consumption of a Trojan-free circuit is different from the Trojan-inserted circuit. However, the process variation and measurement noise are the major obstacles to detect hardware Trojan with high accuracy. In this paper, we quantitatively compare four supervised machine learning algorithms and classifier optimization strategies for maximizing accuracy and minimizing the false positive rate (FPR). These supervised learning techniques show an improved false positive rate compared to principal component analysis (PCA) and convex hull classification by nearly 40% while maintaining > 90\% binary classification accuracy.

B. M. S. Bahar Talukder, Biswajit Ray, Domenic Forte et al.

Physically Unclonable Functions (PUFs) are potential security blocks to generate unique and more secure keys in low-cost cryptographic applications. Dynamic random-access memory (DRAM) has been proposed as one of the promising candidates for generating robust keys. Unfortunately, the existing techniques of generating device signatures from DRAM is very slow, destructive (destroy the current data), and disruptive to system operation. In this paper, we propose \textit{precharge} latency-based PUF (PreLatPUF) that exploits DRAM \textit{precharge} latency variations to generate signatures. The proposed PreLatPUF is fast, robust, least disruptive, and non-destructive. The silicon results from commercially available $DDR3$ chips from different manufacturers show that the proposed key generation technique is at least $ \sim 1,192X$ faster than the existing approaches, while reliably reproducing the key in extreme operating conditions.

B. M. S. Bahar Talukder, Joseph Kerns, Biswajit Ray et al.

True random number generator (TRNG) plays a vital role in a variety of security applications and protocols. The security and privacy of an asset rely on the encryption, which solely depends on the quality of random numbers. Memory chips are widely used for generating random numbers because of their prevalence in modern electronic systems. Unfortunately, existing Dynamic Random-access Memory (DRAM)-based TRNGs produce random numbers with either limited entropy or poor throughput. In this paper, we propose a DRAM-latency based TRNG that generates high-quality random numbers. The silicon results from Samsung and Micron DDR3 DRAM modules show that our proposed DRAM-latency based TRNG is robust (against different operating conditions and environmental variations) and acceptably fast.